The Cybersecurity Engineer is responsible for implementing, maintaining, and supporting cybersecurity technologies and processes that protect the organization's systems, networks, applications, and data. This role works closely with IT, Engineering, and business teams to identify vulnerabilities, monitor security events, respond to threats, and strengthen the organization's overall security posture.

The Cybersecurity Engineer plays a key role in supporting and executing security operations, vulnerability management, incident response, and security compliance efforts to protect digital publishing platforms, newsroom systems, and corporate technology.

Responsibilities:

Security Operations

• Monitor security tools and platforms to identify threats, vulnerabilities, and suspicious activity.
• Investigate security alerts and assist with incident response activities.
• Support the implementation and maintenance of security technologies across the enterprise ensuring tools operate at full effectiveness, gaps are promptly identified, and issues are escalated with clear supporting information.
• Perform security reviews and system health checks documenting findings and tracking follow-up actions to maintain a strong and consistent security baseline.

Vulnerability Management

• Conduct vulnerability scans and assist in assessing security risks.
• Track and coordinate remediation activities with technology teams ensuring fixes are completed within defined SLA windows and remediation status is consistently documented for reporting and audit purposes.
• Validate security fixes and support ongoing risk reduction efforts.
• Assist with penetration testing activities and remediation initiatives.

Security Administration

• Administer identity and access management processes, including account provisioning and privileged access controls ensuring access rights are accurate, timely, and compliant with organizational policy at all times.
• Assist in maintaining endpoint security, network security, and cloud security controls.
• Configure and manage security tools according to organizational standards.
• Support implementation of security policies and technical safeguards.

Incident Response & Threat Analysis

• Assist in investigating security incidents and documenting findings.
• Collect and analyze system and security logs during investigations.
• Support incident containment, recovery, and remediation efforts helping to minimize operational impact and restore secure, stable operations as efficiently as possible.
• Escalate significant threats and vulnerabilities to senior security personnel.

Compliance & Documentation

• Maintain accurate, current security documentation, procedures, and operational records that support audit readiness, consistent security operations, and knowledge continuity across the team. Support compliance audits, assessments, and security reviews by producing timely, accurate data and documentation that enables successful audit outcomes and demonstrates adherence to applicable security frameworks.
• Contribute to security awareness initiatives and technical training efforts, helping strengthen the organization's security culture and measurably reduce risk across the enterprise.

Cross-Functional Support

• Collaborate with IT, Engineering, and business teams to support secure technology operations.
• Provide recommendations to improve operational security control effectiveness.
• Participate in projects that require security reviews or implementation support.
• Performs other duties as assigned.

Requirements:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field and 3+ years of experience in cybersecurity, information security, systems administration, network administration, or related technical roles; OR 5+ years of experience in cybersecurity, information security, systems administration, network administration, or related technical roles.
• Experience supporting enterprise security technologies and security operations processes.
• Technical Expertise
• Knowledge of network security, endpoint security, identity management, and cybersecurity best practices.
• Hands on experience with security monitoring tools, vulnerability scanning solutions, and endpoint protection technologies.
• Experience with identity and access management (IAM) platforms and privileged access management processes
• Hands-on experience configuring and managing enterprise security tools
• Knowledge of incident response frameworks and procedures
• Proven ability to maintain accurate technical documentation and standard operating procedures
• Familiarity with cloud security concepts and modern technology environments.
• Understanding of security frameworks and regulatory requirements.
• Strong analytical, troubleshooting, and problem-solving abilities.
• Excellent organizational and communication skills.
• Ability to work independently and collaboratively within a team environment.
• Strong attention to detail and commitment to maintaining security standards.

preferred Qaulificiations:

• Security certifications such as Security+, CySA+, SSCP, GSEC, or equivalent.
• Experience supporting digital media, publishing, or online content platforms.
• Familiarity with scripting, automation, or AI-enabled security tools used to improve operational efficiency and threat detection capabilities.

The pay scale the Company reasonably expects to pay for this position at the time of the posting is $125,000 to $140,000 and takes into account a wide range of factors including but not limited to skill set, experience, training, licenses, certifications, and other business or organizational needs. Compensation will be determined based on the above factors along with the requirements of the position. At the L.A. Times, it is not typical for an individual to be hired at or near the top of the range for the role. Please visit our career site to view the benefits available to our employees. We recommend adding our applicant tracking system domain (@dayforce.com) as a safe sender or contact, sometimes these emails get filtered to candidates' spam folders.